monitor

monitor
Prev	Kernun Firewall Reference (1)	Next

Name

monitor — report current status of Kernun proxies

Synopsis

monitor [-g [-f]] [-d dir] [-o file] [-w sec] [-r sec] [-c cols] [-t n [-T col]] [-s col] [proxy...]

Description

Utility monitor provides a user interface to the Kernun proxy runtime monitoring facility. It reads the monitoring communication files created by running proxies, processes the data, and generates reports. A report can be generated once or periodically, see option -r. The format of the report is either plain text or an HTML document. The report can be sorted by various criteria and contains information about all active proxy sessions, or only about a subset of them. It is possible to select proxies by name (argument proxy) or location of communication files (-d). Another alternative is to show only top values, for example, only the 10 sessions with the largest amount of data downloaded from a server.

HTML output is intended for remote access to data monitoring. Remote access requires an HTTP server (secure and properly configured) on the firewall. If the server does not support CGI scripts or the security policy forbids them, monitor may be started as a daemon with -h, -r and other arguments that choose a fixed format of displayed information. The monitor then periodically generates a report as a static HTML page. If the monitor is used as a CGI script, it is possible to augment the report (-f) with a form that allows setting some report parameters. Option -r in both versions of HTML output instructs the user's browser to periodically refresh the page.

Arguments

-g

Generates HTML output.

-f

Adds a form for selecting some parameters to HTML output, processes input from the form.

Textual output is generated if neither -g nor -f is used.

-d dir

Specifies a directory containing monitoring communication files. If not set, the current working directory is used by default.

-o file

Stores the output to a file instead of sending it to the standard output.

-w sec

Sets timeout (in seconds) for waiting for monitor-dump. When reading a communication file, monitor-dump must sometimes wait until the proxy finishes modification of the file. This options prevents indefinitely long waiting in the case of a synchronization error.

-r sec

Refreshes the report with given period (in seconds). HTML output will contain a Refresh header in order to automatically reload the page in a browser. If started as a CGI script, monitor always exits after the first report is generated, regardless of -r.

-c cols

Selects the displayed colums, cols is a comma-separated list of column types (see below).

-t n

Shows only top n entries with the highest values (or the oldest time).

-T col

The column type used for -t. If not set, sin is used. Only times, byte counts, and speeds may be used here.

-s col

The column type used for sorting the output. If not set, sin is used.

proxy...

Reports active sessions of these proxies only. If no proxy is specified, all proxies are reported.

Column Types

name: Proxy name, the name of section *-proxy in the configuration
prog: Proxy type, the name of the proxy executable
pid: PID of the process handling the session
start: Session start time (hour:min:sec), prefixed with date if not today
time: Current session duration time (hour:min:sec)
cip: Client numeric IP address and port
cname: Client name and port; IP to name resolution is done by proxy
sip: Server numeric IP address and port
sname: Server name and port; IP to name resolution is done by proxy
cout: Bytes received from the client
sout: Bytes sent to the server
sin: Bytes received from the server
cin: Bytes sent to the client
int: Measurement interval (in seconds) for communication speed evaluation
cos: Current speed of data receiving from the client (bytes per second)
sos: Current speed of data sending to the server (bytes per second)
sis: Current speed of data receiving from the server (bytes per second)
cis: Current speed of data sending to the client (bytes per second)
trunc: Flags indicating truncation of additional variable-length data (user, auser and file)
user: User name as authenticated by the proxy (not the user on the final server)
auser: AProxy user name authenticated by http-proxy(8)
file: Name of the file that is being currently downloaded/uploaded by ftp-proxy(8) or the current request URI in http-proxy(8)
all: All columns
def: A default set of columns: name,time,cname,sname,sout,sin,sos,sis

Configuration

It is possible to configure colors used by the monitor in HTML output and the description of the abbreviated column names. See instructions at the beginning of the monitor script.

Prev	Up	Next
mkblacklist	Home	ooba-samba